Visual Analysis of Network Flow Data with Timelines and Event Plots
Authors
Abstract
This paper describes Isis, a system that uses progressive multiples of timelines and event plots to support the iterative investigation of intrusions by experienced analysts using network flow data. The visual representations have been designed to make temporal relationships apparent, allow visual classification of events with dynamic brushing, and enable users to organize their visualizations to reveal traffic structure and patterns by reordering rows. Isis combines visual affordances with SQL to provide a flexible tool for investigation. We present an annotated case study using anonymized data of a real intrusion that demonstrates the features of Isis.
Similar resources
Behavioral Analysis of Traffic Flow for an Effective Network Traffic Identification
Fast and accurate network traffic identification is becoming essential for network management, high quality of service control and early detection of network traffic abnormalities. Techniques based on statistical features of packet flows have recently become popular for network classification due to the limitations of traditional port and payload based methods. In this paper, we propose a metho...
Steady Flow Analysis and Modeling of the Gas Distribution Network Using the Electrical Analogy (RESEARCH NOTE)
The mathematical modeling of a gas network is a powerful tool in order to identify the behavior of system under the different conditions. The modeling can be performed both for the steady state and unsteady state conditions. It is possible to use the fluid flow basic governing equations or the electrical analogy concept for developing the model. The second approach provides a simpler and more r...
Capacity planning in the hospital queueing network with blocking: simulation-based optimization approach
Introduction: Hospital administrators have always faced the challenge of providing the best possible health services in a resource-limited environment. The patient flow throughout the hospital is affected by lack of the capacities that can lead to bed-blocking among the hospital units. In this research, the patient flow in the hospital is modeled as an open queueing network with blocking. Then,...
Dynamic Safety Analysis CNG Stations Using Fault Tree Approach and Bayesian Network
Introduction: The safety of CNG stations is important because of their location in urban areas, as well as to prevent accidents and to protect the safety of personnel, property, and environment. An event occurrence analysis with probability updating is the key to dynamic safety analysis. Methods and materials: In this study, the Failure Modes and Effects Analysis (FMEA) technique was used to d...
Optimization of KINEROS2 Model Parameters Using the PSO Algorithm for Flood Event Simulation (Case Study: Tamar Watershed, Golestan Province)
Simulation of rainfall-runoff process for planning and management of water resources and watersheds requires the use of a conceptual optimized hydrological model. In this study, the hydroPSO package was employed to optimize KINEROS2 (K2) parameters applied in the Tamar watershed, Iran. Four storm events were utilized in hydrograph simulation. Results indicated better efficiency of K2 based on t...
Publication date: 2007